Property-Based Anonymization Rules
Property-based rules anonymize structured content. The supported formats are: XML, property, ini, and YAML files.
Required and Optional Fields
name
description (optional)
rule_id (should be set to PROPERTY)
properties
parentNode (optional, applicable only for XML, default value is "property")
include_files
exclude_files (optional)
action (optional, default value is ANONYMIZE)
replace_value (optional, applicable only when action=REPLACE)
shared (optional, default value is true)
enabled (optional, default value is true)
For more information on each field, refer to Fields Used for Defining Anonymization Rules.
Rule Definition Example
{ "name": "PASSWORDS", "rule_id": "Property", "properties": [".*password.*", ".*awsAccessKeyId.*"], "include_files": ["*.xml", "*.properties", "*.yaml", "*.ini"], "exclude_files" : ["capacity-scheduler.xml"], "action" : "REPLACE", "replace_value": "Hidden" }
The following examples show how the rule defined above anonymizes specific password-related properties in XML, property, ini, and YAML files.
XML file content:
<property> <name>fs.s3a.proxy.password</name> <value>Abc7j*4$aTh</value> <description>Password for authenticating with proxy server.</description> </property>
The XML file content, with password value anonymized:
<property> <name>fs.s3a.proxy.password</name> <value>Hidden</value> <description>Password for authenticating with proxy server.</description> </property>
Property file content:
javax.jdo.option.ConnectionPassword=pswd
The property file content, with password value anonymized:
javax.jdo.option.ConnectionPassword=Hidden
Ini file content:
connection_password=pswd
The ini file content, with password value anonymized:
connection_password=Hidden
YAML file content:
"metrics_collector:\n" + " truststore.path : \"/etc/security/clientKeys/all.jks\"\n" + " truststore.type : \"jks\"\n" + " truststore.password : \"bigdata\"\n"
The YAML file content, with password value anonymized:
"metrics_collector:\n" + " truststore.path : \"/etc/security/clientKeys/all.jks\"\n" + " truststore.type : \"jks\"\n" + " truststore.password : Hidden\n"
For more examples, refer to Examples of Property-Based Anonymization Rules.